Elixir, Phoenix, and Javascript

Opting out from FLoC in Phoenix

April 22, 2021

Federated Learing of Cohorts (FLoC) is a user tracking technology developed by Google that is currently being rolled out in the Chrome browser. It works by having the browser observe what sites a user visits and assigning the user to a group of users with similar interests (a "cohort"). This information can then be used to show targeted ads to the user based on their cohort.

FLoC does not depend on cookies, an it is opt-in by default. Users can opt out by changing their browser settings (or by not using Chrome), and websites can send a response header signaling that visits to the site should not be included in the cohort determination. In Phoenix you can do this by creating a plug looking like this:

defmodule MyWeb.FlocPlug do
  import Plug.Conn

  def init(default), do: default

  def call(conn, _default) do

    put_resp_header(conn, "permissions-policy", "interest-cohort=()")

You can then use the plug in your browser pipeline to set the Permissions-Policy: interest-cohort=() header in all responses.

Why would you do this? One reason could be to participate in a form of privacy activism, demonstrating your dislike of yet another invasion of users' online privacy. Or, if you are located in Europe, you may be concerned about the GDPR implications. By setting this header you can at least demonstrate that you have taken steps to prevent information about visitors from being passed to third parties.

← Back to articles